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TITLE OF THE INVENTION 

Delivery of License Information using a Short Messaging System Protocol in a Closed 

Content Distribution System 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The invention relates to out-of-band delivery of license information, such 
as for example using an SMS (short messaging system) protocol, with the effect of deliv- 
ering that license information to a destination in a closed content distribution system, 
using, at least in part, a channel other than that used for content distribution itself. 
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1 livering that license information to a destination in a closed content distribution system, 

2 using, at least in part, a channel other than that used for content distribution itself. 

3 2. Related Art 
4 

5 Closed content distribution systems include end-to-end systems, includ- 

6 ing publishing servers, content distribution servers and playback devices, where the 

7 content that is playable on playback devices can be completely controlled through ap- 

8 propriate security techniques, and those security techniques make it relatively difficult 

9 for any unauthorized third party to distribute content that would be playable on the 

10 playback devices. For one example, not intended to be limiting in any way, security of 

1 1 a closed content distribution system can be maintained using techniques shown in the 

12 incorporated disclosure. 
13 

14 One example of a closed content distribution system includes a playback 

15 device, such as a game station, such as for example found in an arcade, a user's home, 

16 or a similar type of location, using which content can be executed or presented interac- 

17 tively with one or more game players. Content can be distributed to such a playback 

18 device using a download connection to a distribution network, or using transport of 

19 physical media (such as for example CD-ROMs or DVDs) including the content, possi- 

20 bly encrypted using a symmetric key, or possibly encrypted using an key pair such as in 

21 a public key cry ptosy stem. For one example, not intended to be limiting in any way, 



Express Mailing EL 768 962 451 US 



196.1011.01 

1 the playback device might operate alone or in conjunction or cooperation with other 

2 devices, such as for example a display monitor or an input controller. 
3 

4 One concern with closed content distribution systems is how information 

5 is distributed from authorized sources to those playback devices, how those playback 

6 devices determine if license rights associated with the user permit that user to execute 

7 or present that content, and how those playback devices enforce those license rights 

8 while executing or presenting that content. For one example, not intended to be limit- 

9 ing in any way, the closed content distribution system can include reception by the 

10 playback device of (1) content to be executed or presented, and of (2) licenses indicating 

1 1 scope of rights by users to execute or present that content. Some examples of closed 

1 2 distribution of content and of licenses are shown in the incorporated disclosure. 
13 

14 One problem is that requirements of channels for distribution of content 

1 5 and licenses can differ significantly, including the amount of information for distribu- 

16 tion, the frequency or timing of those distributions, and the degree of time latency toler- 

17 able for those distributions. It might be common to distribute several gigabytes of in- 

1 8 formation for content, using one or more DVDs once per week, and to accept a time la- 

19 tency of several days for that distribution. In contrast, it might be common to distribute 

20 at most several kilobytes of information for licenses, but it might be advantageous to re- 

21 ceive that license information within minutes of a request, such as for example in re- 

22 sponse to the user presenting proof of payment for the license. 
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1 

2 For one example, not intended to be limiting in any way, it might be ad- 

3 vantageous to allocate a function of delivering content to a content server, and sepa- 

4 rately to allocate a function of delivering licenses to a license server, such as for example 

5 shown in the incorporated disclosure. One problem is that contact with such a license 

6 server involves relatively more frequent requests for relatively smaller amounts of in- 

7 formation, and should provide for relatively quick response and relatively little time 

8 latency. In contrast, contact with such a content server involves relatively less frequent 

9 requests for larger amounts of information, and can tolerate relatively slower response 

10 and relatively larger time latency. In one embodiment, the license enables the content 

11 to be determined to be executable, valid, or both, with the effect that the content might 

12 be received at the player device any time in advance of the license. 
13 

14 If content is to be delivered to the playback device using physical media, 

15 distribution does not need to involve any coupling to a communication network or 

16 other form of electronic distribution. However, if licenses are to be delivered to the 

17 playback device, coupling to a communication network or other form of electronic dis- 

18 tribution can involve significant expense, particularly when the playback device is itself 

19 relatively inexpensive. Also, this would involve network connectivity or other connec- 

20 tivity being available at the consumer end (that is, the playback device itself), when 

21 communicating with the license server. Accordingly, it would be advantageous to pro- 

22 vide a technique for delivering licenses relatively quickly and with relatively little time 
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1 latency, without involving the expense of coupling the playback device to a communi- 

2 cation network or other form of electronic distribution. 
3 

4 Accordingly, it would be advantageous to provide a technique involving 

5 delivery of license information or a shorter code from which license information might 

6 be derived or verified, not subject to drawbacks of known systems, such as for example 

7 in a closed distribution system. 
8 

9 SUMMARY OF THE INVENTION 
10 

1 1 The invention provides a method and system capable of delivery of li- 

12 cense information, such as for example in a closed distribution system. In one embodi- 

13 ment, a closed distribution system includes a playback device including a computing 

14 device capable of general purpose processing, and capable of enforcing mandatory exe- 

1 5 cution of selected security software, such as for example a secure processor such as de- 

16 scribed in the incorporated disclosure. The playback device is capable of receiving 

17 content to be executed or presented, such as for example embedded on physical media 

1 8 delivered to a location at or near the playback device. Operation of the secure processor 

19 assures that only authorized content is executed or presented by the playback device, 

20 and any appropriate licensing or rights information is interpreted and enforced by the 

21 playback device. In one embodiment, the secure processor has access to external mem- 

22 ory on which that secure processor can maintain rewritable information, such as for ex- 
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1 ample game state information, license information, and user information, authenticated 

2 or hidden using a cryptographically-secure technique, such as for example digital en- 

3 cryption or digital signature. 
4 

5 For one example, not intended to be limiting in any way, the playback de- 

6 vice might be coupled to a LAN (local area network) or a secured enterprise network, 

7 with the effect that content delivered to devices coupled to one of those networks can be 

8 available to the playback device. This includes the effect that the playback device 

9 would be able to include additional communication links to supplemental input con- 

10 trollers, with the effect that the method and system can support multiplayer games and 

1 1 games with multiple input controllers, and with the effects that games can include con- 

12 tests among multiple players for "high score" and the like, and can also include asso- 

1 3 ciations of players, such as for example player teams. 
14 

15 In one embodiment, a user (such as a game-player) associated with a 

16 playback device makes a connection to a license server, to request a license to selected 

17 content. The connection includes a communication link outside the closed content sys- 

18 tern, and provides the user with a technique for communicating with the license server, 

19 without involving the playback device in that connection. For one example, not in- 

20 tended to be limiting in any way, the user might request a license using SMS (short 

21 messaging system) or another technique with the effect of sending a relatively small 

22 amount of information to request a license for specific content (whether application 
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1 program, media content, or otherwise). The license server receives the request, deter- 

2 mines if a license should be issued, and responds to the request. For one example, not 

3 intended to be limiting in any way, the license server might respond to the request us- 

4 ing SMS, with the effect of providing the user with an alphanumeric or numeric code. 

5 This has the effect of allowing the user to input that alphanumeric or numeric code to 

6 the playback device, which can determine if that alphanumeric or numeric code 

7 authorizes the user for the selected content. 
8 

9 In one embodiment, the alphanumeric or numeric code might represent 

10 information typically included in a license message as described in the incorporated 

1 1 disclosure. For one example, not intended to be limiting in any way, the alphanumeric 

12 or numeric code might include a hexadecimal (or other radix) representation of a license 

13 message. The playback device might receive that alphanumeric or numeric code from 

14 the user using a keypad or other input device. 
15 

16 In one embodiment, the playback device, using its secure processor, can 

17 authenticate the license message, with the effect of determining whether the user is 

18 authorized to execute or present the selected content. For one example, not intended to 

19 be limiting in any way, the license message might be encoded using a digital signature 

20 or a secure hash, with the effect that the playback device (or the secure processor) can 

21 determine if that license message is authentic. If that license message is in fact authen- 

22 tic, the playback device (or the secure processor) can determine if that license message 
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1 grants the user sufficient rights to execute or present the selected content, and can con- 

2 trol whether that selected content is executed or presented. 
3 

4 For a first example, not intended to be limiting in any way, the alphanu- 

5 meric or numeric code might include a representation of a content decryption key, us- 

6 ing which the playback device might be able to decrypt content and access that content 

7 for execution or presentation. In one embodiment, content encryption and decryption 

8 includes a public-key cryptosystem, with the effect that the content decryption key 

9 would include a decryption key privately associated with the content, encrypted by an 

10 encryption key publicly associated with the specific playback device. This would have 

1 1 the effect that the alphanumeric or numeric code would only allow the playback device 

12 to execute or present the content if the selected content and the specific playback device 

13 were both associated with the information received from the license server. 
14 

15 For a second example, not intended to be limiting in any way, an activa- 

16 tion code might include an identity of the player and an identity of the content itself, 

17 either signed by the license server, or encrypted by a common key (such as for example 

1 8 a Dif f ie-Hellman shared secret) that can be computed by both the license server and the 

19 specific player. The mandatory security software would, in such cases, enforce the 

20 computation of the secret key (using its private key and server public key) and decryp- 

21 tion of the identities. In alternative embodiments, the mandatory security software may 

22 enforce the verification of a signature by the license server. In such cases, the manda- 
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1 tory security software would force the comparison of the player identity with its own 

2 tamper-proof identity and the identity of the content that the activation code is meant 

3 for. In such cases, the mandatory security software would separately authenticate the 

4 content identity with respect to the content data hash or signature, using a trusted 

5 server (such as for example a trusted content publisher) signature over those quantities. 
6 

7 In one embodiment, communication between the license server and the 

8 user involves a commercial transaction. For one example, not intended to be limiting in 

9 any way, the license server would receive information from the user sufficient to allow 

10 the license server to effect a purchase transaction by the user (such as for example, a 

1 1 credit card or debit card number the user is authorized to charge, an account or a sub- 

12 scription the user is authorized to use, and the like). In such embodiments, the license 

13 server would issue the alphanumeric or numeric code in response to the user having 

14 sufficient authorization to use the playback device; that sufficient authorization would 

15 include proof that the user had (either in the past or just then) purchased the right to 

1 6 use the content with that playback device. 

17 After reading this application, those skilled in the art would recognize that 

18 the techniques described herein provide an enabling technology, with the effect that 

19 heretofore advantageous features can be provided that heretofore were substantially in- 

20 feasible. 
21 

22 BRIEF DESCRIPTION OF THE FIGURES 
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1 

2 Figure 1 shows a block diagram of a system including a closed distribu- 

3 tion system and a separate connection capable of delivery of license information. 
4 

5 Figure 2 shows a process flow diagram of a method of using a system in- 

6 eluding a closed distribution system and a separate connection capable of delivery of li- 

7 cense information. 
8 

9 INCORPORATED DISCLOSURE 
10 

1 1 This application claims priority of the following documents, each of which 

12 is hereby incorporated by reference as if fully set forth herein. 
13 

14 • U.S. patent application 10/360,827, filed February 7, 2003 in the name of inven- 

15 tors Pramila SRINIVASAN, John PRINCEN, Frank BRENDT, David BLYTHE, 

16 William SAPERSTEIN, and Wei YEN, attorney docket number 196.1006.01, titled 

17 "Secure and Backward-Compatible Processor and Secure Software Execution 

1 8 Thereon," and all applications claiming priority thereof. 

19 • U.S. patent application 10/703,149, filed November 5, 2003 in the name of in- 

20 ventors Wei YEN and David BLYTHE, attorney docket number 196.1009.01, ti- 

21 tied "Static-or-Dynamic and Limited-or-Unlimited Content Rights," and all ap- 

22 plications claiming priority thereof. 
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1 

2 These documents are each hereby incorporated by reference as if fully set 

3 forth herein, and are sometimes collectively referred to herein as the "incorporated dis- 

4 closure". 
5 

6 Inventions described herein can be used in combination or conjunction 

7 with technology described in the incorporated disclosure. 
8 

9 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 

10 

1 1 Preferred embodiments of the invention are described herein, including 

12 preferred device coupling, device functionality, and process steps. After reading this 

13 application, those skilled in the art would realize that embodiments of the invention 

14 might be implemented using a variety of other techniques not specifically described 

15 herein, without undue experimentation or further invention, and that such other tech- 

16 niques would be within the scope and spirit of the invention. 
17 

18 Lexicography 
19 

20 The following terms refer or relate to aspects of the invention or its em- 

21 bodiments. The general meaning of each of these terms is intended to be illustrative 

22 and in no way limiting. 
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1 

2 • The phrase "closed distribution system" generally describes a system in which 

3 content can be delivered from an authorized source, and in which recipients of 

4 that content can assure that the specific content is authorized to be executed or 

5 presented in the closed distribution system. The concept of a closed distribution 

6 system is broad, and includes any system in which distribution, execution, or 

7 presentation of content can be restricted to specific authorized content. In one 

8 embodiment, the closed distribution system can be used in combination or con- 

9 junction with business techniques in which content can be licensed or paid for by 
10 those users who wish to execute or present that content. 

11 

12 • The term "content" or the phrase "content element" generally describe an appli- 

13 cation program (such as for example a game program) or a set of media content 

14 (such as for example an animation clip or a video clip) to be executed or inter- 

15 preted (for code or instructions) or to be displayed or presented (for media con- 

16 tent). As described below, the content might include application software, 

17 audio/ video presentations, databases, games, multimedia content, reasonable 

18 combinations or generations thereof, and the like. The concept of content is 

19 broad, and might include application programs, games, audio or video, and the 

20 like. In one embodiment, each content item is associated with a unique identity, 

21 with the effect that licenses can refer to that specific content item. 
22 
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1 • The phrase "secure processor" generally describes any device that can use in- 

2 formation from a rewritable storage element, and can operate as a relatively se- 

3 cure computing device performing the functions of a controller for a game sys- 

4 tern or similar system. As described below, the secure processor is relatively se- 

5 cure against tampering, and includes at least a UID (unique identifier) or a 

6 known encryption key (such as for example a key private key of a private-public 

7 key pair in a public-key cryptosystem), with the effect that other elements of the 

8 system are capable of communicating privately and securely with the secure 

9 processor. The concept of a secure processor is broad, and includes any general 

10 purpose or special purpose computing device for which there is at least some se- 

1 1 cure memory, secured against inspection or intrusion from outside the secure 

12 processor, and for which there is at least some executive control capable of pre- 

13 venting application software from disclosing the contents of that secure memory. 

14 In one embodiment, the secure processor has at least some built-in security soft- 

1 5 ware that cannot readily be circumvented or other techniques to securely boot- 

16 strap the loading of such security software from insecure devices, such as for ex- 

1 7 ample external mass storage. 
18 

19 • The phrase "playback device" generally describes any device that can execute or 

20 present selected content, such as for example in conjunction with, in cooperation 

21 with, or under control of a relatively secure computing device, such as possibly a 

22 secure processor as described above. As described below, this has the effect that 

Express Mailing EL 768 962 45 1 US 13 



196.1011.01 

1 the playback device is relatively secure against tampering, with the effect that 

2 only authorized users can execute or present content using the playback device. 

3 The concept of a playback device is broad, and includes any general purpose or 

4 special purpose computing device capable of executing instructions or present- 

5 ing human-readable media (such as for example audio or visual media). In one 

6 embodiment, the playback device has at least some built-in security software that 

7 cannot readily be circumvented. In one embodiment, (1) each playback device is 

8 associated with a unique identity, with the effect that licenses can refer to that 

9 specific playback device, and (2) each playback device is associated with a pub- 

10 lie/ private key pair in a public key cryptosystem, with the effect that other de- 

1 1 vices can communicate securely with that playback device. 
12 

13 • The term "license 77 generally describes information sufficient for the secure 

14 player to verify the authenticity of the content and to use the content, and to ver- 

1 5 ify that the specific user has rights to execute or present the content at the specific 

16 playback device. In one embodiment, each license includes a data structure as- 

17 sociated with one or more content elements, and including, in one embodiment, 

18 (1) a key for that content, such as for example encrypted by an encryption key 

19 publicly associated with the user or including a shared secret known to the user, 

20 with the effect that the secure processor can access the content if it has access to 

21 the license, (2) a digital signature or secure hash value, with the effect that the li- 

22 cense cannot be easily altered and remain effective, and (3) a digital signature or 
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1 secure hash value associated with the content itself, with the effect that the li- 

2 cense can be verified by the playback device to be associated with the specific 

3 content. As described below, the license also includes a description of those 

4 rights the licensee has with regard to the content. In one embodiment, licenses 

5 are individually tailored to each authorized recipient or user, although in the 

6 context of the invention there is no such particular requirement. 
7 

8 • The phrase " activation code" describes a part of a whole license, considered nec- 

9 essary and sufficient to permit execution of selected specific content by the spe- 

10 cific player device. An activation code might be an entire license, a part thereof, 

11 or a transformation thereof (such as a transformation suitable for human reading 

12 or data entry). 
13 

14 • The phrase "license server" generally describes, in the distribution system, any 

15 device capable of delivering licenses or activation codes granting rights to con- 

16 tent. In one embodiment the license server includes an online transaction server 

1 7 capable of requesting an identity of the device requesting the license and capable 

18 of creating, in response, a cryptographically signed data structure containing in- 

19 formation specifying a content item identity, a playback device identity and a set 

20 of rights to that content. 
21 
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1 • The term "rights" and the phrases "content rights" or "rights to the content" 

2 generally describe what actions the secure processor and the playback device re 

3 allowed to take with regard to the content. For some examples, not intended to 

4 be limiting in any way, the rights might include a number of times the secure 

5 processor or the playback device are allowed to execute the content, an amount 

6 of total running time the secure processor or the playback device are allowed to 

7 execute the content, an amount of wall-clock time the secure processor or the 

8 playback device are allowed to execute the content, what resources (such as for 

9 example what hardware or what software) the secure processor or the playback 

10 device can utilize during execution or presentation of the content, and the like. 

1 1 As described below, the secure processor prevents any use of the content outside 

1 2 those specified by the content rights. 
13 

14 • The phrases "content server" or "content distribution server" generally describe, 

15 in the distribution system, any device capable of delivering content (either di- 

16 rectly or indirectly), to a secure player or secure processor, using any form of 

17 transport technique. As described below, the content distribution server needs 

18 only a single copy of each content element, and might deliver multiple individu- 

19 alized copies of that content element in response to distinct users or in response 

20 to distinct requests. The concept of a content server is broad, and includes not 

21 only a server having content stored thereon, but also devices by which content 

22 might be dynamically created, such as a television camera, video camera, 
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1 webcam, any reasonable generalization thereof, and the like. The content server 

2 may include a secure device capable of generating a secure hash and securely 

3 signing any information distributed from the server. 
4 

5 • The phrase " input console" generally describes any device capable of delivering 

6 control inputs, either directly or indirectly, from a user to a playback device or a 

7 controller thereof. The concept of an input console is broad, and includes any 

8 manner of user input device, possibility including a keyboard or keypad, joystick 

9 or mouse or other pointing device, or other control buttons, whether pre-selected 

10 or dynamically presented using a flat-panel controller, and the like. For example, 

1 1 the input console might include a direct wire connection, a direct RF or IR con- 

12 nection, or an indirect (switched) connection. 
13 

14 • The term "rewritable storage element" generally describes any device capable of 

15 maintaining information for use by a secure processor or playback device, and 

16 capable of being rewritten with new information. As described below, a rewri- 

17 table storage element might include a flash memory. The concept of a rewritable 

18 storage element is broad, and includes any manner of storage device capable of 

19 being read and written, whether random access or not, and whether the read or 

20 write operations are relatively rapid or not. For some examples, not intended to 

21 be limiting in any way, the rewritable storage element might include an SRAM, 

22 flash memory, bubble memory, or disk drive (magnetic or optical or both). 
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1 

2 The scope and spirit of the invention is not limited to any of these defini- 

3 tions, or to specific examples mentioned therein, but is intended to include the most 

4 general concepts embodied by these and other terms. 
5 

6 System Elements 
7 

8 Figure 1 shows a block diagram of a system including a closed distribu- 

9 tion system and a separate connection capable of delivery of license information. 
10 

1 1 A system 100 includes a secure processor 110, a playback device 120, a 

12 content server 130, a license server 140, and a communication link 160 between the li- 

13 cense server 140 and a user 150. 
14 

15 As further described in the incorporated disclosure, the secure processor 

16 110 includes a secure state and its monitored state, with an application program (such 

17 as a game program) running in the monitored state. In one embodiment, the applica- 

1 8 tion program is responsive to a set of content 131, suitable for execution or presentation. 

19 The secure processor 110 might perform the content 131 in the monitored state, where 

20 that content 131 is suitable for execution, or might control the playback device 120 to 

21 present the content 131, where that content 131 is suitable for presentation. 
22 
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1 In one embodiment, the secure processor 110 includes at least some inter- 

2 nal storage 111, suitable for maintaining data secure against discovery or tampering, 

3 and is associated with a unique identifier and with a public/ private key pair in a public 

4 key cryptosystem. The secure processor 110 also includes at least some external storage 

5 112, such as for example flash memory or one or more disk drives, on which the secure 

6 processor 110 might maintain additional information (such as information not readily 

7 capable of being maintained in the internal storage 111). In one embodiment, the addi- 

8 tional information maintained on the external storage 112 can be protected against dis- 

9 covery by digital encryption and can be protected against tampering using a digital sig- 
10 nature or a secure hash code. 

11 

12 As further described in the incorporated disclosure, the playback device 

13 120 includes an output element 121 capable of presenting the content 131, and includes 

14 at least one input console 122 capable of receiving commands, control inputs, or other 

15 inputs from one or more users 150. In one embodiment, the playback device 120 is ca- 

16 pable of receiving control inputs from the input console 122, such as for example a set of 

17 license information 141 received from the license server 140. 
18 

19 In one embodiment, the secure processor 110 and the playback device 120 

20 are effectively coupled, with the effect that the secure processor 110 can execute the 

2 1 content 131, or can control the playback device 120 to present the content 131. For a first 

22 example, not intended to be limiting in any way, the playback device 120 might include 
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1 a computer game station operating under control of an embedded secure processor 110 

2 (and possibly other processors). For a second example, not intended to be limiting in 

3 any way, the playback device 120 might include audio, video, or audio-video presenta- 

4 tion hardware, capable of presenting sound and pictures to the user 150 in response to 

5 control of an embedded secure processor 110 (and possibly other processors). 
6 

7 In one embodiment, content 131 or license information 141 received by the 

8 secure processor 110 or the playback device 120 might be maintained on the external 

9 storage 112, digitally encrypted against discovery and digitally signed against tamper- 

10 ing using a public/ private key pair in a public key cry ptosy stem, the public/ private 

1 1 key pair being maintained in the internal storage 111. 
12 

13 As further described in the incorporated disclosure, the content server 130 

14 includes a set of content 131 suitable for execution or presentation. The content 131 can 

15 be distributed to the secure processor 110 or the playback device 120, using an elec- 

16 tronic form of delivery (such as for example a broadcast technique or a computer net- 

17 work), a physical form of delivery (such as for example transport of physical media on 

18 which the content 131 is embedded in an encoded format), or some other form of distri- 

19 bution by which the secure processor 110 or the playback device 120 receives the con- 

20 tent 131 in a relatively economical manner. 
21 
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1 As further described in the incorporated disclosure, the license server 140 

2 includes a processor, program and data memory, capable of receiving request messages 

3 141 for one or more of a set of licenses 142, capable of generating or retrieving licenses 

4 142, and capable of sending response messages 143 including information relating to 

5 those licenses 142. 
6 

7 Although it is possible for the secure processor 110 or the playback device 

8 120 to communicate directly with the license server 140, in one embodiment, the secure 

9 processor 110 and the playback device 120 need not have any connection to the com- 

10 munication link 160. In such embodiments, the user 150 obtains information, if such in- 

1 1 formation is necessary to request a license 142, from the secure processor 110 or the 

12 playback device 120. The user 150 generates a request message 141 including informa- 

13 tion necessary to request the license 142, and sends that request message 141 to the li- 

14 cense server 140, without the assistance of either the secure processor 110 or the play- 

15 back device 120. 
16 

17 In one embodiment, the user 150 reads a first alphanumeric or numeric 

18 code 151 from the output element 121 of the playback device 120, including information 

19 sufficient to generate a request message 141 that can be sent to the license server 140. 

20 For a first example, not intended to be limiting in any way, the first alphanumeric or 

21 numeric code 151 might include a hexadecimal representation of the request message 

22 141. For a second example, not intended to be limiting in any way, the first alphanu- 
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1 meric or numeric code 151 might include instructions to the user 150 to read the infor- 

2 mation sufficient to generate a request message 141 from another source, such as for ex- 

3 ample a first unique identifier imprinted on the playback device 120 and a second 

4 unique identifier imprinted on physical media (such as for example a CD or DVD) on 

5 which the content 131 is embedded. 
6 

7 In one embodiment, the user 150 uses a communication device 152, such 

8 as for example a cellular telephone, a "Palm Pilot" or PDA or other hand-held com- 

9 puter, or a hybrid thereof, capable of communication using the SMS (short message 

10 service) protocol, to send the request message 141 to the license server 140. In such em- 

1 1 bodiments, the communication link 160 between the license server 140 and the user 150 

12 includes a private or public switched telephone network including cellular telephony. 

13 However, as described below, other and further examples of communication between 

14 the license server 140 and the user 150 are within the scope and spirit of the invention, 

15 with the effect that the communication link 160 might include one of a wide variety of 

16 techniques for transporting information from the user 150 to the license server 140, and 

17 back from the license server 140 in response thereto. 
18 

19 The SMS protocol is a relatively low data rate protocol using GSM wire- 

20 less networks. SMS is supported by many makes and models of cellular telephones, 

21 hand-held computers, and similar devices. The license server 140 receives the request 

22 message 141, generates a license 142 (in response to information recoverable from that 
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1 request message 141), and sends a response message 143 (including information suffi- 

2 cient to recover the license 142) to the user 150. In one embodiment, the user 150 re- 

3 ceives the response message 143 at the same communication device 152, but in the con- 

4 text of the invention, this is not a requirement. 
5 

6 In one embodiment, the user 150 reads the response message 143 from the 

7 communication device 152 (SMS is a text-based protocol, so the response message 143 

8 should be readable by a human user 150). The user 150 enters at least some information 

9 from the response message 143 into the input console 122, with the effect that the secure 

10 processor 110 and the playback device 120 are able to receive that information without 

1 1 having any direct communication link to the license server 140. 
12 

13 After reading this application, other and further examples of communica- 

14 tion between the license server 140 and the user 150 would be clear to those skilled in 

15 the art. After reading this application, those skilled in the art would recognize that such 

16 other and further examples would be workable in response to information from this 

17 application and its incorporated disclosure, are within the scope and spirit of the inven- 

18 tion, and would not require undue experiment or further invention. Such other and 

1 9 further examples include: 
20 
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1 • Examples of immediate payment: credit or debit cards, pre-paid phone cards, 

2 scratch-off phone cards, telephone billing using 900 or 976 phone numbers, 

3 vending devices taking deposits of actual bills, coins, or tokens. 
4 

5 • Examples of non-immediate payment: account numbers with credits or debits, 

6 subscription accounts. Any of these could use either cash or game credits. 
7 

8 • Examples of other types of communication to request licenses: Palm Pilot com- 

9 munication using digital ink or handwriting recognition, Palm Pilot communica- 

10 tion using stylus gestures, telephone calls using touch tone and AVR (automated 

1 1 voice response), telephone calls using voice recognition. 
12 

13 • Examples of other types of communication to respond with license information: 

14 a broadcast or cablecast message direct to the secure processor or the playback 

1 5 device, or a web server returning an activation code in response to appropriate 

1 6 input request, such as possibly using a hypertext protocol. 
17 

1 8 • Examples of other types of recognition of the playback device: Bluetooth recog- 

19 nition of the playback device from the cellular telephone, GPS location of the 

20 user. 
21 
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1 In one embodiment, the secure processor 110 and the playback device 120 

2 are coupled to a LAN (local area network) or a secure enterprise network, with the ef- 

3 feet that the secure processor 110 and the playback device 120 can communicate with 

4 other such secure processors 110 or playback devices 120 without any requirement for a 

5 communication link 160 capable of relatively remote communication. 
6 

7 Method of Operation 
8 

9 Figure 2 shows a process flow diagram of a method of using a system in- 

10 eluding a closed distribution system and a separate connection capable of delivery of li- 

1 1 cense information or activation code. 
12 

13 Although described serially, the flow points and steps of the method 200 

14 can be performed by separate elements in conjunction or in parallel, whether asynchro- 

15 nously or synchronously, in a pipelined manner, or otherwise. In the context of the in- 

16 vention, there is no particular requirement that the method 200 must be performed in 

17 the same order in which this description lists flow points or steps, except where explic- 

18 itly so indicated. 
19 

20 At a flow point 21 OA, the system 100 is ready to deliver content 131 to the 

21 secure processor 110 or playback device 120, and to make that content 131 available to 
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1 the user 150 for execution by the secure processor 110 or presentation by the playback 

2 device 120. 
3 

4 At a step 211, the secure processor 110 or the playback device 120 receives 

5 content 131 from the content server 130. 
6 

7 At a step 212, the user 150 indicates a desire to use the content 131 re- 

8 ceived from the content server 130. 
9 

10 At a step 213, either the secure processor 110 or the playback device 120 

1 1 provides sufficient information for the user 150 to request a license 142 from the license 

12 server 140. 
13 

14 At a step 214, the user 150 uses the communication link 160 to obtain a li- 



1 5 cense 142 from the license server 140. As part of this step, the user performs the f ol- 

1 6 lowing sub-steps: 



17 

18 • At a sub-step 214(a), the user 150 copies the information obtained above in the 

19 step 213 to the communication device 152. 
20 

21 • At a sub-step 214(b), the communication device 152 generates a request message 

22 141 for a license 142. In one embodiment, the request message 141 includes a 
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1 proof of payment by the user 150 for the license 142, such as an account number 

2 to charge or verify, a credit or debit card number to charge, a code derived from 

3 a scratch-off card, and the like, as described above with regard to figure 1. 
4 

5 • At a sub-step 214(c), the license server 140 receives the request message 141. 

6 • At a sub-step 214(d), the license server 140 determines if the user 150 should be 

7 granted a license 142. If not, the license server 140 generates a response message 

8 143 denying the license, and the method 200 returns to the flow point 210A. In 

9 one embodiment, as part of determining if the user 150 should be granted a li- 

10 cense 142, the license server 140 authenticates the proof of payment by the user 

1 1 150 for the license 142. 
12 

13 • At a sub-step 214(e), the license server 140 generates a license 142 for the specific 

14 playback device 120 and the specific user 150. 
15 

16 • At a sub-step 214(f), the license server 140 sends a response message 143 includ- 

1 7 ing information from which the playback device 120 can recover the license 142. 
18 

19 • At a sub-step 214(g), the user 150 receives the response message 143 and enters 

20 information from that message using the input console 122. 
21 
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1 At a step 215, the secure processor 110 and the playback device 120 verify 

2 that the license 142 is authentic, and that the license 142 grants rights for the specific 

3 user 150 to use the specific content 131 with the specific playback device 120. 
4 

5 At a step 216, the secure processor 110 maintains information relating to 

6 the license 142, including the rights granted to the specific user 150, in secure storage 

7 (either the internal storage 111 or, subject to digital encryption and digital signature, the 

8 external storage 112). 



9 At a step 217, the secure processor 110 and the playback device 120 exe- 

10 cute or present the content 131, subject to the rights granted by the license 142. In one 

1 1 embodiment, execution or presentation might be interactive with the user 150. 
12 

13 At a flow point 21 0B, the system 100 has delivered content 131 to the se- 



14 cure processor 110 or playback device 120, and made that content 131 available to the 

15 user 150 for execution by the secure processor 110 or presentation by the playback de- 

1 6 vice 120, and is now ready to perform another task. 
17 

18 Alternative Embodiments 
19 

20 Although preferred embodiments are disclosed herein, many variations 

21 are possible which remain within the concept, scope, and spirit of the invention. These 
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1 variations would become clear to those skilled in the art after perusal of this applica- 

2 tion. 
3 

4 • A license requesting device could automatically make the request with its em- 

5 bedded ID. This might be the playback device itself. 
6 

7 • The content ID might be implicitly assumed, since there is only one application 

8 for which rights are purchased. 
9 

10 • The rights might be in terms of duration of execution or number of times of exe- 

1 1 cution (for example, MP3 sound recordings), with licenses being generic or spe- 

1 2 cif ic to a particular content identifier. 

13 • The method of authentication or verification of the license might include the fol- 

14 lowing: The license server might deliver a content key for the specific encrypted 

15 content, in turn encrypted by a shared secret key known only to the specific 

16 player. This ensures that only the intended recipient is able to play the content. 
17 

1 8 • The method of authentication or verification of the license might include the f ol- 

19 lowing: The license server might deliver a signature over a token including the 

20 player and content identities. The security software is able to enforce the check 

21 against its own identity and the content identity. In lieu of the signature, the 



Express Mailing EL 768 962 45 1 US 29 



196.1011.01 

1 server could (either in addition or instead) encrypt the token using a shared key 

2 known only to the intended recipient. 
3 

4 After reading this application, those skilled in the art would recognize that 

5 the techniques described herein provide an enabling technology, with the effect that 

6 heretofore advantageous features can be provided that heretofore were substantially in- 

7 feasible. After reading this application, those skilled in the art will recognize that these 

8 alternative embodiments and variations are illustrative and are intended to be in no 

9 way limiting. 
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